package cn.blog.controller;

import java.security.Principal;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class Oauth2Controller {

	@Autowired
	private TokenStore tokenStore;

	/**
	 * 获取登录用户信息
	 * 
	 * @param principal
	 * @return
	 */
	@GetMapping("/get_user_info")
	public Principal principal(Principal principal) {
		return principal;
	}

	/**
	 * 退出登录
	 * 
	 * @param principal
	 * @param access_token
	 */
	@DeleteMapping(value = "/login_out", params = "access_token")
	public void removeToken(Principal principal, String access_token) {
		OAuth2AccessToken accessToken = tokenStore.readAccessToken(access_token);
		if (accessToken != null) {
			// 移除access_token
			tokenStore.removeAccessToken(accessToken);
			// 移除refresh_token
			if (accessToken.getRefreshToken() != null) {
				tokenStore.removeRefreshToken(accessToken.getRefreshToken());
			}
			System.out.println("退出登录");
		}
	}

}
